What is the Current (05/2023) Status of 2FA on Bitwarden?

I just installed Bitwarden after waiting for my Yubico keys to arrive in the mail. Installation seemingly went smoothly, but then after verifying email, installing Desk app, enabling 2 YubiKeys for 2FA, and installing Chrome Extension, I am basically unable to get anything to ever require my 2FA device after the 1st time, without completely uninstalling and re-installing the extension each time. I DO not have any "remember me" checkboxes checked. A search online seems to show this as a known issue for a while now, and I absolutely am not happy with this behavior, but before I immediately blow up this Premium account I already paid for, I thought I would see if anyone knows if this issue is somehow resolved and I am just doing something wrong.

Thanks bunches,

ML

Have you tried going to the Web Vault and deauthorizing all sessions?

I don’t do this so I’m not certain but I would expect forcing the extension to log out to achieve what you want?

Thanks for this suggestion - it happens to already be set that way actually though.

ML

I have not tried that - but actually I cannot see how that is done. Is it a setting somewhere in the Web Vault, or ???

Thanks for any assistance,

ML

Hey @another_mikey, if you visit the web vault, tap the user profile icon in the top right corner, then select Deauthorize sessions from the bottom of the page.

What is the reason why you wish to fully log out and login each time you use Bitwarden? The app is meant to be left logged in, and security is controlled by locking the vault when not in use.

You should also avoid using Bitwarden on devices that you don’t fully trust (e.g., devices not under your complete control). Requiring a full login authentication process with 2FA on a public (or otherwise untrusted) device is not sufficient to protect your vault contents, if the device has been compromised by malware.

Hi,

Thanks for the response. Firstly, I now have things working as I desired. That is, anytime I close my browser I have to re-login to Bitwarden (and the 2FA device is now required) to get into my account.

I want to have the system work this way so I can be sure I am the only family member who has access to my password account, and the 2FA gives me that extra level of protection for logging into my account. Once I have logged in and have my browser open, I am able to use Ctrl-Shift-L to log in to things automatically (I am not using autofill). As far as public untrusted devices go, I never log in with any of my credentials to any website on those machines, period. So at this point I seem to have things working well and am happy. Thanks to everyone who chimed in to help me with this problem, much appreciated.